As a side effect of a recent federal ruling, loaning out your Netflix password to your pal so they can catch up on Orange is the New Black is now considered a federal offense.
Three judges from the Ninth Circuit of the United States Court of Appeals handed down their ruling after voting two-to-one that password sharing is a federal crime. This ruling is in response to former Korn Ferry employee David Nosal headhunting former colleagues specifically to obtain still-valid user credentials in order to steal Korn Ferry data for use in his new firm.
This action landed Nosal in court, charged with hacking under CFAA, or the Computer Fraud and Abuse Act. The CFAA has been widely panned as overreaching, especially as it empowers the Justice Department to go after anyone who violates any Terms of Service agreement that they “read.”
Nosal escaped legal repercussions when judges from the Ninth Circuit tossed out several of the charges against him in 2011, but was convicted of his remaining charges in 2013 due to a ruling by a federal jury, receiving a prison sentence of one year and one day (qualifying his crime as a felony).
However, not everyone is happy about the ruling, especially the dissenting judge - who has his eye on the bigger picture. Judge Stephen Reinhardt shared his thoughts on the subject in his post-ruling written remarks:
“This case is about password sharing. People frequently share their passwords, notwithstanding the fact that websites and employers have policies prohibiting it. In my view, the Computer Fraud and Abuse Act (“CFAA”) does not make the millions of people who engage in this ubiquitous, useful, and generally harmless conduct into unwitting federal criminals.”
This “generally harmless conduct” would include, under the law, Netflix viewing and other subscription-based streaming services, such as HBO Go. As a result of this ruling, Netflix (whose service allows a single “household” access to Netflix on six different devices, and streaming capability on two devices at a time) could crack down on users sharing their passwords without first asking the streaming service for permission.
If this interpretation of the CFAA continues, it is fairly easy to conclude that keeping your password safe will be of considerable importance, just as it is with other online services, such as banking or other sensitive operations.
While this is clearly an excessive approach to take in response to families and friends pooling their resources for some good old entertainment, the lessons to be learned here are valuable ones. Best practices clearly say to never share your password with anyone, as that’s just another person who could let your credentials slip into the wrong hands.
Have you shared your Netflix (or any other streaming service) password with a friend or family member? Do you think sharing that information should be illegal? Let us know in the comments, and be sure to subscribe to our blog.
